NETGEAR STM150EW3-100NAS manual STM150 CA Certificate

Page 70

ProSecure Web/Email Security Threat Management Appliance STM150 Reference Manual

required, the connection will be rejected with an alert message in the browser window. To allow access, select the Allow the STM to present the website to the client. check box.

Show This Message When an SSL Connection Attempt Fails

When the STM150 denies access to an HTTPS web site, it will display an HTML warning message. The URL and reason will be included between the two % marks. Make sure you keep the %URL% and %REASON% tags while modifying the message to automatically include information about the blocked URL and the reason connection to it failed. You can preview the warning page by pressing Preview. The maximum size for the warning text message is 3 Kilobytes. Scripts are not supported.

The STM150 CA Certificate

HTTPS is a secure version of HTTP used by Web sites for handling secure transactions. When the STM150 (with HTTPS scanning enabled) is located between the client and the server, the STM150 breaks the SSL connection into two parts.

1.Client <-> STM150

2.STM150 <-> Server

When the client makes a request, the STM150 will communicate with the server on its behalf. The server then returns a certificate to the STM150 for authentication. Next, the STM150 will dynamically generate and pass a certificate of its own to the client in place of the server's certificate, which means the client will see the STM150 generated certificate rather than the one from the server.

4-20	Customizing Scans

v1.1, March 2009

Image 70

Contents NETGEAR, Inc EU Regulatory Compliance Statement TrademarksStatement of Conditions Bestätigung des Herstellers/ImporteursVoluntary Control Council for Interference Vcci Statement Additional CopyrightsMD5 Product and Publication Details ZlibV1.1, March Contents Chapter Performing System Management Tasks Chapter Monitoring System Performance Page About This Manual Conventions, Formats, and ScopeRevision History Manual Part Publication Version Description Number DateChapter Introduction Key Features and Capabilities About Stream ScanningWhat Can You Do with an STM150? Service Registration Card with License Keys Front Panel FeaturesRear Panel Features Default IP Address, Login Name, and Password Location Choosing a Location for the STM150Using the Rack Mounting Kit V1.1, March Provisioning Threat Management Services Choosing a Deployment ScenarioGateway Deployment Server Group Use the Installation Guide to Perform Initial Configuration Segmented LAN DeploymentLogging In to the STM150 V1.1, March Registering the STM150 Click RegisterEmail Security Use the Setup Wizard to Complete the ConfigurationSetup Wizard Options Web SecurityEmail Notification Server Verifying the STM150 InstallationUpdate Settings Web CategoriesTesting Http Scanning Testing ConnectivityWhat to Do Next Configuring Network Settings Modifying System SettingsPerforming System Management Tasks V1.1, March Enabling Session Limits and Timeouts Scanning Exclusions On the menu, click Global Settings Scanning ExclusionsTo enter a scanning exclusion rule On the menu, click Administration Time Zone Setting the System TimeTo set the system time Specifying the Notification Server To specify a notification serverClick Save Changes Customizing Email AlertsTo enable system administrator email alerts To configure the Snmp settings Configuring Snmp SettingsOn the menu, click Administration Snmp Defining Trusted Snmp Hosts Supported MIB BrowsersTo define Snmp Traps Backing Up and Restoring Configurations Backing Up the STM150 ConfigurationRestoring a Configuration To Back Up the STM150 SettingsTo restore the STM150 settings Resetting to Factory Defaults Restarting the STM150Enabling Remote Management Administering Software Updates Configuring Scheduled UpdatesPerforming a Manual Update To configure scheduled updatesOn the menu, go to Administration Software Update Applying a Software Update that Requires a Reboot Administering Admin Login Timeouts and Passwords V1.1, March V1.1, March Default Scan Settings Chapter Customizing ScansCustomizing Email Scanning Settings Email Security Anti-Virus Notification Settings on the menu End User Email Notification SettingsInsert Warning into Email Subject Line Smtp Append Safe Stamp Smtp & POP3 Send Warning Email When Malware Is FoundReplace Infected Attachment with Warning Message Email Content Filtering File Extension Filter by Password-protected AttachmentsFilter by Subject Keywords Filter by File TypeSetting Up the Whitelist and Blacklist Protecting Against Email SpamTo define the sender whitelist. On the menu, go to Email Security Anti-Spam Whitelist and BlacklistConfiguring the Real-time Blacklist To define the recipient whitelist. On the menu, go toConfiguring Distributed Spam Analysis To add a new providerTo configure distributed spam analysis Customizing Web Scanning Settings Configuring Web Malware Scans Configuring Web Content Filtering V1.1, March V1.1, March Configuring Web URL Filtering White ListBlacklist Http Tunneling Https Scan SettingsHttps Third Party Website Certificate Handling Show This Message When an SSL Connection Attempt Fails STM150 CA CertificateV1.1, March Certificate Management Web Security Https Scan Certificate ManagementTrusted Certificate Authorities To import a new certificate used for Https scansUntrusted Certificates Trusted Hosts To add hosts to the Host Access Control ListWeb Security Http and Https Trusted Hosts To delete hosts from the Host Access Control List Configuring FTP ScanWeb Security FTP V1.1, March Chapter Monitoring System Performance Viewing the System Status Using Statistics and Web Usage Data V1.1, March Monitoring Security Using the Network Diagnostic Tools Running DiagnosticsMonitoring Diagnostics Gathering Important Log Information Using the Realtime Traffic Diagnostic ToolsTo collect information about your STM150 Generate Network Statistics Report Using Reports to Optimize Protection and PerformanceWorking with Logs Querying Logs Sending LogsUsing Logs to Identify Infected Clients Log ManagementSend Reports by Email Working with ReportsOn the menu, click Logs & Reports Scheduled Report Enabling Remote Troubleshooting Using Online SupportSupport Online Support Working with Hot Fixes To install a hot fixGo to Support Hot Fixes Sending Suspicious Files to Netgear for Analysis On the menu, go to Support Malware AnalysisAppendix a Default Settings and Technical Specifications Table A-1. STM150 Default Configuration SettingsSTM150 specifications are listed in the table below Appendix B Related Documents Document LinkV1.1, March Index N